Adding customer intents - mixed files

Author: batamig

articles/sentinel/audit-sentinel-data.md

@@ -5,6 +5,10 @@ author: limwainstein
 ms.topic: how-to
 ms.date: 01/09/2023
 ms.author: lwainstein
+
+
+#Customer intent: [AI]As a security operations analyst, I want to audit queries and activities in my SOC environment so that I can ensure compliance and monitor security operations effectively.
+
 ---
 
 # Audit Microsoft Sentinel queries and activities

articles/sentinel/audit-table-reference.md

@@ -6,6 +6,10 @@ ms.author: lwainstein
 ms.topic: reference
 ms.date: 01/17/2023
 ms.service: microsoft-sentinel
+
+
+#Customer intent: [AI]As a security analyst, I want to understand the schema and usage of Microsoft Sentinel audit tables so that I can effectively monitor and audit user activities within my SIEM environment.
+
 ---
 
 # Microsoft Sentinel audit tables reference

articles/sentinel/aws-s3-troubleshoot.md

@@ -6,6 +6,10 @@ ms.author: lwainstein
 ms.topic: troubleshooting
 ms.date: 09/08/2022
 #Customer intent: As a security operator, I want to quickly identify the cause of the problem occurring with the AWS S3 connector so I can find the steps needed to resolve the problem.
+
+
+#Customer intent: [AI]As a cloud security engineer, I want to troubleshoot AWS S3 connector issues so that I can ensure seamless log ingestion into my SIEM system.
+
 ---
 
 # Troubleshoot AWS S3 connector issues

articles/sentinel/best-practices-data.md

@@ -5,6 +5,10 @@ author: limwainstein
 ms.author: lwainstein
 ms.topic: conceptual
 ms.date: 01/09/2023
+
+
+#Customer intent: [AI]As a security operations analyst, I want to implement best practices for data collection using cloud-based SIEM connectors so that I can optimize log ingestion, reduce costs, and enhance security monitoring.
+
 ---
 
 #  Data collection best practices

articles/sentinel/best-practices-workspace-architecture.md

@@ -5,6 +5,10 @@ author: limwainstein
 ms.author: lwainstein
 ms.topic: conceptual
 ms.date: 06/28/2023
+
+
+#Customer intent: [AI]As a security architect, I want to design an optimal Log Analytics workspace architecture for my Microsoft Sentinel deployment so that I can meet business, compliance, and cost requirements while ensuring efficient data management and access control.
+
 ---
 
 # Microsoft Sentinel workspace architecture best practices

articles/sentinel/cef-name-mapping.md

@@ -5,6 +5,10 @@ author: yelevin
 ms.author: yelevin
 ms.topic: reference
 ms.date: 08/12/2024
+
+
+#Customer intent: [AI]As a security analyst, I want to understand the mapping between CEF fields and CommonSecurityLog fields so that I can accurately interpret and analyze security events in my SIEM system.
+
 ---
 
 # CEF and CommonSecurityLog field mapping

articles/sentinel/configure-content.md

@@ -6,6 +6,10 @@ ms.topic: how-to
 ms.date: 07/05/2023
 ms.author: lwainstein
 #Customer intent: As a SOC analyst, I want to configure the Microsoft Sentinel security content, so I can protect my organization against threats.
+
+
+#Customer intent: [AI]As a security operations analyst, I want to configure security content in my SIEM platform so that I can detect, monitor, and respond to security threats effectively.
+
 ---
 
 # Configure Microsoft Sentinel content

articles/sentinel/configure-data-retention-archive.md

@@ -6,6 +6,10 @@ ms.topic: how-to
 ms.date: 07/21/2024
 ms.author: cwatson
 #Customer intent: As a SOC analyst, I want to set up interactive and long-term data retention settings so I can retain the data that's important to my organization in the long term.
+
+
+#Customer intent: [AI]As a security analyst, I want to configure data retention and archiving policies so that I can ensure long-term storage of important data at a reduced cost.
+
 ---
 
 # Configure interactive and long-term data retention in Microsoft Sentinel

articles/sentinel/connect-azure-virtual-desktop.md

@@ -5,6 +5,10 @@ author: limwainstein
 ms.topic: how-to
 ms.date: 01/09/2023
 ms.author: lwainstein
+
+
+#Customer intent: [AI]As a security analyst, I want to monitor Azure Virtual Desktop environments using a SIEM solution so that I can enhance remote work capabilities while maintaining security.
+
 ---
 
 # Connect Azure Virtual Desktop data to Microsoft Sentinel

articles/sentinel/connect-dns-ama.md

@@ -6,6 +6,10 @@ ms.topic: how-to
 ms.date: 01/05/2022
 ms.author: lwainstein
 #Customer intent: As a security operator, I want to proactively monitor Windows DNS activities so that I can prevent threats and attacks on DNS servers.
+
+
+#Customer intent: [AI]As a security analyst, I want to stream and filter DNS server logs using a cloud-based monitoring agent so that I can detect and mitigate potential threats efficiently.
+
 ---
 
 # Stream and filter data from Windows DNS servers with the AMA connector